<?php
namespace app\api\controller;

use app\common\controller\Api;
use addons\litestore\model\Litestoreorder;

/**
 * 苹果支付接口
 * Class ApplePay
 * @package app\api\controller
 */
class ApplePay extends Api
{
    protected $noNeedLogin = ['*'];
    protected $noNeedRight = ['*'];

    // update these with the real location of your two .pem files. keep them above/outside your webroot folder
    protected $PRODUCTION_CERTIFICATE_KEY='/your/path/to/applepay_includes/ApplePay.key.pem';
    protected $PRODUCTION_CERTIFICATE_PATH='/your/path/to/applepay_includes/ApplePay.crt.pem';

    // This is the password you were asked to create in terminal when you extracted ApplePay.key.pem
    protected $PRODUCTION_CERTIFICATE_KEY_PASS='your password here';

    protected $PRODUCTION_MERCHANTIDENTIFIER = '';
    //if you have a recent version of PHP, you can leave this line as-is. http://uk.php.net/openssl_x509_parse will parse your certificate and retrieve the relevant line of text from it e.g. merchant.com.name, merchant.com.mydomain or merchant.com.mydomain.shop
    // if the above line isn't working for you for some reason, comment it out and uncomment the next line instead, entering in your merchant identifier you created in your apple developer account
    // protected $PRODUCTION_MERCHANTIDENTIFIER='merchant.com.name';

    protected $PRODUCTION_DOMAINNAME = ''; //you can leave this line as-is too, it will take the domain from the server you run it on e.g. shop.mydomain.com or mydomain.com
    // if the line above isn't working for you, replace it with the one below, updating it for your own domain name
    // protected $PRODUCTION_DOMAINNAME='mydomain.com';

    protected $PRODUCTION_DISPLAYNAME = 'Herfes';
    /**
     * 初始化参数
     */
    public function __construct()
    {
        $this->PRODUCTION_MERCHANTIDENTIFIER = openssl_x509_parse( file_get_contents( $this->PRODUCTION_CERTIFICATE_PATH ))['subject']['UID'];
        $this->PRODUCTION_DOMAINNAME = request()->domain();

    }

    /**
     * 创建一个付款会话
     */
    public function get_pay_session()
    {
        $validation_url = input('val_url');

        if( "https" == parse_url($validation_url, PHP_URL_SCHEME) && substr( parse_url($validation_url, PHP_URL_HOST), -10 )  == ".apple.com" ){

//            $data = '{"merchantIdentifier":"'.$this->PRODUCTION_MERCHANTIDENTIFIER.'", "displayName":"'.$this->PRODUCTION_DISPLAYNAME.'", "domainName":"'.$this->PRODUCTION_DOMAINNAME.'"}';
            $data = '{"merchantIdentifier":"'.$this->PRODUCTION_MERCHANTIDENTIFIER.'", "displayName":"'.$this->PRODUCTION_DISPLAYNAME.'", "initiative":"web", "initiativeContext":"'.$this->PRODUCTION_DOMAINNAME.'"}';

            $ch = curl_init();
            curl_setopt($ch, CURLOPT_URL, $validation_url);
            curl_setopt($ch, CURLOPT_SSLCERT, $this->PRODUCTION_CERTIFICATE_PATH);
            curl_setopt($ch, CURLOPT_SSLKEY, $this->PRODUCTION_CERTIFICATE_KEY);
            curl_setopt($ch, CURLOPT_SSLKEYPASSWD, $this->PRODUCTION_CERTIFICATE_KEY_PASS);
            //curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
//            curl_setopt($ch, CURLOPT_SSLVERSION, 'CURL_SSLVERSION_TLSv1_2');
            //curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'rsa_aes_128_gcm_sha_256,ecdhe_rsa_aes_128_gcm_sha_256');
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $data);

            $response = curl_exec($ch);
            if($response === false)
            {
                echo '{"curlError":"' . curl_error($ch) . '"}';
            }

            // close cURL resource, and free up system resources
            curl_close($ch);
            return $response;
        }
    }

}